Automatically assigning data protection policies using anonymized analytics

ABSTRACT

Embodiments for a system and method of selecting data protection policies for a new system, by collecting user, policy, and asset metadata for a plurality of other users storing data dictated by one or more protection policies. The collected metadata is anonymized with respect to personal identifying information, and is stored in an anonymized analytics database. The system receives specific user, policy and asset metadata for the new system from a specific user, and matches the received specific user metadata to the collected metadata to identify an optimum protection policy of the one or more protection policies based on the assets and protection requirements of the new system. The new system is then configured with the identified optimum protection policy as an initial configuration.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a Continuation-In-Part application and claims priority to U.S. patent application Ser. No. 17/400,480, filed on Aug. 12, 2021 and entitled “Leveraging Asset Metadata for Policy Assignment,” which is assigned to the assignee of the present application, and which is hereby incorporated by reference in its entirety.

TECHNICAL FIELD

This invention relates generally to data backup systems, and more specifically to using asset metadata for automatic assignment of protection policies to new data assets.

BACKGROUND

Backup software is used by large organizations to store their data for recovery after system failures, routine maintenance, archiving, and so on. Backup sets are typically taken on a regular basis, such as hourly, daily, weekly, and so on, and can comprise vast amounts of information. Backup programs are often provided by vendors that provide backup infrastructure (software and/or hardware) to user under service level agreements (SLA) that set out certain service level objectives (SLO) that dictate minimum standards for important operational criteria such as uptime and response time, etc. Within a large organization, dedicated IT personnel or departments are typically used to administer the backup operations and apply appropriate backup policies to specific data assets.

Backing up important data and infrastructure is critical to a company's ongoing operations. However, such data typically comprises very large amounts of information featuring different characteristics, such as data type, data source, storage requirements, and so on. Accordingly enterprise data is often treated and classified as different types of assets so that specific protection policies can be applied to each data type to ensure that backup and restore operations can deliver appropriate service level requirements. Such differential policy assignments are also crucial in helping companies manage costs as data storage and backup/restore operations can be expensive. In present data storage environments, this is typically accomplished by manually assigning specific assets to a policy (manual assignment), or constructing policy assignment rules to add automatically assets to policies if they meet some user-defined criteria (rule-based assignment).

In present Information Technology (IT) environments, administrators must spend a significant amount of time doing the initial configuration of their backup/recovery systems. Often this initial setup involves creating specific types of backup policies for certain categories of assets and fine-tuning these metrics for the specific field that the user is operating within (e.g., to follow HIPPA, GDPR, or other industry specific guidelines).

What is needed, therefore, is a system and method to simplify assigning assets and generating data protection policies in brand new IT environments and large-scale data networks.

The subject matter discussed in the background section should not be assumed to be prior art merely as a result of its mention in the background section. Similarly, a problem mentioned in the background section or associated with the subject matter of the background section should not be assumed to have been previously recognized in the prior art. The subject matter in the background section merely represents different approaches, which in and of themselves may also be inventions. EMC, Data Domain and Data Domain Restorer are trademarks of DellEMC Corporation.

BRIEF DESCRIPTION OF THE DRAWINGS

In the following drawings like reference numerals designate like structural elements. Although the figures depict various examples, the one or more embodiments and implementations described herein are not limited to the examples depicted in the figures.

FIG. 1 is a diagram of a network implementing a data protection policy assignment process using asset metadata and including a policy database using anonymized analytics, under some embodiments.

FIG. 2 is a flowchart illustrating a method of optimally assigning data protection policies based on asset metadata, under some embodiments.

FIG. 3 is a table that lists example metrics of an asset, under an example embodiment.

FIG. 4 illustrates an example of a clustering process for new assets, under some embodiments.

FIG. 5 is a table illustrating an example overall affinity percentage calculation for different clusters based on some individual metric affinity percentages, under an example embodiment.

FIG. 6 is a flowchart that illustrates a sub-process of calculating an overall affinity percentage for an asset relative to other assets, under an embodiment.

FIG. 7 is an example UI display screen that illustrates discovery of assets and request for policy assignment, under some embodiments.

FIG. 8 is a block diagram showing components of an asset metadata processing component for protection policy assignment for use in a backup system, under some embodiments.

FIG. 9 is a flowchart that illustrates an overall method of populating a zero-day user environment, under some embodiments.

FIG. 10 illustrates uploading user, policy, and asset metadata information to an anonymized policy database, under some embodiments.

FIG. 11 is a table listing certain types of user metadata for populating an anonymized policy database, under an example embodiment.

FIG. 12 is a table listing certain types of policy configurations for populating an anonymized policy database, under an example embodiment.

FIG. 13 illustrates the presentation of different policies selected from anonymized analytics, under some embodiments.

FIG. 14 is a system block diagram of a computer system used to execute one or more software components of a policy assignment process using asset metadata, under some embodiments.

DETAILED DESCRIPTION

A detailed description of one or more embodiments is provided below along with accompanying figures that illustrate the principles of the described embodiments. While aspects are described in conjunction with such embodiment(s), it should be understood that it is not limited to any one embodiment. On the contrary, the scope is limited only by the claims and the described embodiments encompass numerous alternatives, modifications, and equivalents. For the purpose of example, numerous specific details are set forth in the following description in order to provide a thorough understanding of the described embodiments, which may be practiced according to the claims without some or all of these specific details. For the purpose of clarity, technical material that is known in the technical fields related to the embodiments has not been described in detail so that the described embodiments are not unnecessarily obscured.

It should be appreciated that the described embodiments can be implemented in numerous ways, including as a process, an apparatus, a system, a device, a method, or a computer-readable medium such as a computer-readable storage medium containing computer-readable instructions or computer program code, or as a computer program product, comprising a computer-usable medium having a computer-readable program code embodied therein. In the context of this disclosure, a computer-usable medium or computer-readable medium may be any physical medium that can contain or store the program for use by or in connection with the instruction execution system, apparatus or device. For example, the computer-readable storage medium or computer-usable medium may be, but is not limited to, a random-access memory (RAM), read-only memory (ROM), or a persistent store, such as a mass storage device, hard drives, CDROM, DVDROM, tape, erasable programmable read-only memory (EPROM or flash memory), or any magnetic, electromagnetic, optical, or electrical means or system, apparatus or device for storing information. Alternatively, or additionally, the computer-readable storage medium or computer-usable medium may be any combination of these devices or even paper or another suitable medium upon which the program code is printed, as the program code can be electronically captured, via, for instance, optical scanning of the paper or other medium, then compiled, interpreted, or otherwise processed in a suitable manner, if necessary, and then stored in a computer memory.

Applications, software programs or computer-readable instructions may be referred to as components or modules. Applications may be hardwired or hard coded in hardware or take the form of software executing on a general-purpose computer or be hardwired or hard coded in hardware such that when the software is loaded into and/or executed by the computer, the computer becomes an apparatus for practicing the certain methods and processes described herein. Applications may also be downloaded, in whole or in part, through the use of a software development kit or toolkit that enables the creation and implementation of the described embodiments. In this specification, these implementations, or any other form that embodiments may take, may be referred to as techniques. In general, the order of the steps of disclosed processes may be altered within the scope of the embodiments.

Some embodiments involve data processing in a distributed system, such as a cloud based network system or very large-scale wide area network (WAN), and metropolitan area network (MAN), however, those skilled in the art will appreciate that embodiments are not limited thereto, and may include smaller-scale networks, such as LANs (local area networks). Thus, aspects of the one or more embodiments described herein may be implemented on one or more computers executing software instructions, and the computers may be networked in a client-server arrangement or similar distributed computer network.

Embodiments are described for a data asset protection system that leverages asset metadata to identify common characteristics of assets and use that data to guide new asset policy assignments. This process saves the time and effort needed to both assign and naturally group their assets into the appropriate policies by providing a much richer dataset than the present rules-based approach with the benefit of requiring no additional effort on the part of a system administrator. Additionally, a guided metadata policy assignment allows asset categorizations to naturally and dynamically change with the users' environment, thus facilitating optimal application of backup policies to appropriate data assets to continuously meet service level agreements (SLAs), and other defined performance requirements.

FIG. 1 illustrates a computer network system that implements one or more embodiments of a network data backup system implementing an asset metadata and backup policy assignment process, under some embodiments. In system 100, a backup server 102 executes a data storage or backup management process 112 that coordinates or manages the backup of data from one or more data sources 108 to storage devices, such as network storage 114, client storage, and/or virtual storage devices 104. With regard to virtual storage 104, any number of virtual machines (VMs) or groups of VMs may be provided to serve as backup targets. FIG. 1 illustrates a virtualized data center (vCenter) 108 that includes any number of VMs for target storage. The VMs or other network storage devices serve as target storage devices for data backed up from one or more data sources, such as a database or application server 106, or the data center 108 itself, or any other data source, in the network environment. The database server can be a single machine or a cluster. The data sourced by the data source may be any appropriate data, such as database 116 data that is part of a database management system or any appropriate application 117. Such data sources may also be referred to as data assets and represent sources of data that are backed up using process 112 and backup server 102.

The network server computers are coupled directly or indirectly to the network storage 114, target VMs 104, data center 108, and the data sources 106 and other resources through network 110, which is typically a public cloud network (but may also be a private cloud, LAN, WAN or other similar network). Network 110 provides connectivity to the various systems, components, and resources of system 100, and may be implemented using protocols such as Transmission Control Protocol (TCP) and/or Internet Protocol (IP), well known in the relevant arts. In a cloud computing environment, network 110 represents a network in which applications, servers and data are maintained and provided through a centralized cloud computing platform.

The data generated or sourced by system 100 and transmitted over network 110 may be stored in any number of persistent storage locations and devices. In a backup case, the backup process 112 causes or facilitates the backup of this data to other storage devices of the network, such as network storage 114, which may at least be partially implemented through storage device arrays, such as RAID components. In an embodiment network 100 may be implemented to provide support for various storage architectures such as storage area network (SAN), Network-attached Storage (NAS), or Direct-attached Storage (DAS) that make use of large-scale network accessible storage devices 114, such as large capacity disk (optical or magnetic) arrays. In an embodiment, system 100 may comprise at least part of a Data Domain Restorer (DDR)-based deduplication storage system, and storage server 102 may be implemented as a DDR Deduplication Storage server provided by EMC Corporation. However, other similar backup and storage systems are also possible.

Backup software vendors typically provide service under a service level agreement (SLA) that establishes the terms and costs to use the network and transmit/store data specifies minimum resource allocations (e.g., storage space) and performance requirements (e.g., network bandwidth) provided by the provider. The backup software may be any suitable backup program such as EMC Data Domain, Avamar, and so on. In cloud networks, it may be provided by a cloud service provider server (e.g., Amazon, EMC, Apple, Cisco, etc.).

In most large-scale enterprises or entities that process large amounts of data, different types of data are routinely generated and must be backed up for data recovery purposes. To optimize storage costs and data availability, such backup processes are often dictated by several different data protection (backup) policies 121 applied to different types or classes of data. These policies define important parameters such as backup periods (e.g., daily, weekly, monthly, etc.), storage targets (e.g., local fast storage, network hard drive, cloud archive, etc.), retention times (e.g., 2/5/10 years, etc.), transfer priority, user access, and other similar parameters.

For the embodiment of FIG. 1 , the asset metadata management process 120 provides a dynamic and efficient method of optimally assigning policies to assets by analyzing asset metadata to identify common characteristics of assets and to use that data to assign or re-assign protection policies to new assets. The process 120 performs three main sub-tasks comprising (1) extracting asset metadata from new assets, (2) using the extracted metadata to identify optimal policy assignments for those assets based on existing policy clusters, and (3) prompting the user to confirm the defined policy assignments.

For the embodiment of FIG. 1 , the asset metadata management process 120 may be implemented as a component that runs within a data protection infrastructure, and can be run as an independent application or embedded into an instance of data protection software 112 or a data protection appliance. Process 120 may provide input directly to the backup process 112 to identify and select policies 121 that are also accessed or provided within the backup software 112. Alternatively, it may act directly on the protection policies 121 to dictate which policies are applied by the backup software for the respective assets. Any of those implementations may also be on-premise implementations on client machines within a user's data center or running as a hosted service within the cloud (e.g., network 110).

FIG. 2 is a flowchart illustrating a method of optimally assigning data protection policies based on asset metadata, under some embodiments. As shown in FIG. 2 , process 200 first discovers and/or identifies data assets in the system, 202. The data assets comprise any dataset or source of data that a user wants to backup for data protection (i.e., data backup, storage and/or recovery/restoration) purposes. Such assets can be individual files, file directories, file systems, databases, database servers, data processing applications, Virtual Machines (VMs), and so on. Such assets may be defined by their source or by the applications that process the data, as well as other characteristics, such as storage or data type, priority (criticality), protection requirements, user access, and other relevant parameters. The asset discovery step 202 may be performed using any appropriate data or network analysis process that identifies assets in a network based on certain defined keywords or identifiable phrases in a name, identifier, or similar data field. For example, a standard network discovery job that is run on a periodic basis can be used to identify current assets as well as new assets added after a previous discovery operation.

The software code of each asset contains certain metadata elements or data fields that identify and define the asset. Because enterprise data inherently comes from many disparate sources, data field and naming conventions can vary widely across all the different data assets. A parser may be used to identify relevant terms that help identify data assets, as well as the asset characteristics. For example, terms such as “Production” or “prod,” “Test,” “database” or “db,” “Oracle,” “SQL,” and so on, indicate data elements that the parser would recognize as being data assets to be protected by certain protection policies. Such characteristics are typically embodied as metadata of the asset, as opposed to the actual data itself. In an embodiment, process 200 extracts the asset metadata using recognizable terms identifying a data asset and its relevant characteristics, 204. metadata associated with or defined as part of an asset is examined to identify relevant assets for process 200.

Each asset thus has a set of characteristics or attributes that defines certain features of each asset, and which are referred to as ‘metrics’ of an asset. FIG. 3 is a table 300 that lists example metrics of an asset, under an example embodiment. The example of FIG. 3 illustrates certain metrics, such as geolocation, network information, operating system, asset type, data size, system name, and applications. FIG. 3 is intended to provide an example of some possible asset metrics, and many others are also possible. For example, in a virtualized system, the metrics could include: cluster name, datacenter/datastore name, host name, OS, vCenter name, VM name, VM folder name, VM resource pool, VM size, VM tags, and so on.

These metrics provide a rich dataset of characteristics for both newly discovered assets and those already known within the system, and are leveraged by the system to facilitate the optimal matching of policies to the assets. Any number of metrics may be provided for the assets depending on the system and configurable parameters. In general, the greater the number of metrics, the more informed can be the policy matching process.

Since the system may contain a great many assets, with only a relatively fewer number of policies to apply to these assets, the assets are generally clustered together into different groups, each having certain common characteristics and for which the same protection policy is applied. Thus, as shown in step 204, the extracted metadata (metric information) is used to determine which group a particular cluster should be assigned.

When a discovery job is performed for the first time for a network, the system would take all assets discovered the first time, compute clusters for each assets and assign them to a default policy, or use simple rules for day one and use a set of default policies.

In process 200, once a new asset's metadata is obtained, a cluster analysis process is performed to compare the new asset to assets already assigned to specific backup policies. The strength of these comparisons is used to determine which group, or groups, the new asset is most strongly associated with based on their relative affinity scores.

Each asset (existing and new) has a position in n-dimensional space. Standard clustering determines clusters by computing a boundary around a subset of assets. This is controlled by certain clustering parameters. Each cluster has a centroid and the distance from each new asset to each cluster's centroid can be computed. In an embodiment, a standard cluster analysis technique is used to perform the asset grouping, 204. This group assignment then determines the protection policy that is applied to the asset, 206, through an affinity scoring process that is computed by normalizing the distance. In general, an affinity score represents a percentage closeness of the asset metrics to a centroid of a cluster having other assets. Such a score may be expressed as a percentage number, such that an asset may be X % close to one cluster and Y % close to another cluster, and the greater of X or Y determines to which cluster the asset should be grouped. For purposes of description, the terms “affinity score” and “affinity percentage” are used interchangeably.

FIG. 4 illustrates an example of a clustering process for new assets, under some embodiments. As shown in FIG. 4 , a cluster analysis plot 400 shows an example of three distinct clusters 402, 404, and 406 for individual assets plotted over given X and Y dimensions. These dimensions may be rankings along any appropriate metric or grouping of metrics. Additionally, the cluster analysis may be represented in any number (more than 2) dimensions. The grouping of the assets in a defined cluster dictates the policy applied to all of the assets in that cluster. Thus, for example, cluster A (402) may have an end user backup policy applied to it, while cluster B (404) may have Lab SQL system policies applied, while cluster C (406) may have production VM policies applied.

For the example of FIG. 4 , there are two newly discovered assets (Asset A and Asset B). Through process 200, the metadata for each of these assets is extracted and then plotted along with that of all the other assets. Once the new assets are plotted, the system will compute an affinity score between each new asset and each cluster. These scores provide information that highlights similarities to existing policies and allows the new policies to be optimally assigned to specific policies, thus simplifying policy assignment.

In an embodiment, any practical combination of parameters may be used to calculate the affinity scores for assets in relation to existing clusters (or other assets) for the cluster analysis process. In an embodiment, affinity scores are calculated by evaluating a distance to the centroid of each cluster. Each metric (or attribute or feature) for each asset is used to plot assets. Cluster analysis looks at the grouping (or clustering) and automatically determines a boundary for each cluster. A centroid for each cluster is then computed, and then the distance to this centroid for each new asset can be computed. This cluster centroid distance is thus used to compute the affinity score. In an embodiment, an affinity score can be computed as follows: first, the distance from an asset to the centroid of each cluster is computed; second, the furthest distance is normalized to 1, and all others are a percentage of that distance; third, the affinity score is calculated as 1 minus the normalized distance.

For this calculation, any number (N) metrics may be used to calculate the overall affinity score. This can comprise all or any relevant subset of the metrics for assets in the system, such as shown in Table 300. In general, some metrics may be more important than others with regard to assignment of data protection policies. In an embodiment, appropriate weighting factors can be applied to each metric for the overall affinity score calculation.

The overall affinity percentage value (or score) for each asset is then used to place the asset in the plot of asset groups, as shown in FIG. 4 . For the example of FIG. 4 , it can be seen that Asset A is very strongly associated and can be automatically assigned with cluster C, which would be the Production VM's policy. Also in this example, it can be seen that Asset B has characteristics that are very closely associated with both cluster C (Production VMs) as well as cluster B (Lab SQL Systems). This illustrates a case in which an asset does not clearly fall into a single policy grouping, but rather two or more other clusters. In this case, the user is given the option to assign the asset to one of these policies. To aid this decision the user is given the overall affinity score for each policy group, as well as a detailed list of information comparing the value of the asset to the group averages (when possible) across the set of metrics/features used to generate the cluster analysis. Thus, as shown in FIG. 2 , step 208 of process 200 provides affinity scoring details to allow modification of asset grouping, if necessary.

FIG. 5 is a table illustrating an example overall affinity score (or percentage) calculation for the different clusters of FIG. 4 , under an example embodiment. Table 500 of FIG. 5 lists the relevant metrics in column 502 for each of the existing clusters 506 (e.g., Cluster A, Cluster B, and Cluster C). The metrics for the asset being placed are provided in column 504. An overall affinity percentage for the asset relative to the clusters is shown in row 508. The details of the affinity percentage for each of the individual metrics of the asset as compared to the clusters is shown in the remaining cells of Table 500. The appropriate weighted combination of these individual percentages is then used to calculate the respective overall affinity percentage of the asset compared to each of the clusters, as shown in row 508. As shown in Table 500, the asset clearly has a low affinity (4%) with cluster C, and therefore that policy should not be applied to the asset. The asset shows the highest affinity for cluster A (62%), however it is also close to cluster B (52%). In this case, the user may want to investigate the individual metric affinity scores to see whether or not the policy for cluster B better suits the asset than that for cluster A. Given the additional details, such as shown in FIG. 5 , users are aided in choosing policy assignment. As users continue to grow their environments it is expected that patterns in asset assignment become more clearly defined and the percentage of automatic asset classifications increases, thus continuously providing greater information on which to automatically assign protection policies to new or changed assets.

FIG. 5 is intended to illustrate an example set of metrics that can be used to calculate an overall affinity score based on affinity scores for each of the metrics, and embodiments are not so limited. Any additional or other metrics may also be included.

FIG. 6 is a flowchart that illustrates a sub-process of calculating an overall affinity score for an asset relative to other assets, under an embodiment. As shown in FIG. 6 , process 600 begins with defining the metrics for the newly discovered asset, or any asset to be assigned to a protection policy by grouping with other similar assets, 602. The process compares each metric of the asset to the corresponding metric for each other asset or group of assets in a cluster, 604. The affinity score of the asset with each other asset for each compared metric is then calculated, and from this set of affinity scores, an overall affinity score is calculated for the asset relative to the clusters, 606. This step can comprise summing the individual metric affinity scores using either a simple sum or weighted sum for each metric to determine the overall affinity score.

As mentioned above, in an embodiment, affinity scores are calculated using cluster centroid distances, 607, in which the centroid for each cluster is computed, and then the distance to this centroid for each new asset is computed.

The process then initially assigns asset to the closest cluster based on calculated overall affinity score, 608. The process then provides to the user, through an appropriate GUI, detail of the individual metric affinity score calculations, so that the user can change the cluster assignment of the asset if desired, 610. Such details can be displayed such as shown in table 500 of FIG. 5 . Such a display can be provided through widgets in a product dashboard or similar UI mechanism.

With reference back to FIG. 2 , the metadata-driven policy assignment process prompts the user to confirm the assignment, 210. This can be done through an alert, e-mail message, telephone call, text message, console message, and so on. In an embodiment, a user interface display area can be displayed on the user's computer or phone to allow for input of the confirmation. FIG. 7 is an example UI display screen that illustrates discovery of assets and request for policy assignment, under some embodiments. The example UI display 700 of FIG. 7 shows display upon completion of a discovery job that discovers new or changed assets and automatically places them in appropriate policy groups based on their affinity scores. The discovery job interface 702 includes two sub-windows, one for automatically assigned assets 704, and one for assets for which confirmation is required, 706.

In an embodiment, assets that have an overall affinity score in excess of a certain given percentage threshold, such as 80% or 90% may be automatically assigned to a policy group with no user confirmation required. Those assets that have less than the threshold percentage value are shown in display area 706 as requiring policy assignment confirmation. The overall affinity scores can be shown for each of the relevant policy groups, as shown in FIG. 7 (e.g., 62% match with the Lab SQL systems group, 52% match with the Production VMs group, and 4% match with the End User Backups group), and the user can then confirm assignment of the asset in the group that he or she desires. If details of individual affinity scores for the asset needs to be viewed, the “View Details” command button 708 may be used. In this case, a display screen, such as shown in FIG. 5 may be displayed to show the user the detailed breakdown of the affinity score percentages based for individual metrics for the different groups.

With reference back to FIG. 2 , once the user has confirmed or directly changed the asset to protection assignment, the overall process performs the backup of the asset according to the associated policy, 212, and this assignment will remain until a new discovery job discovers the asset as moved or changed.

For process 200, the user has several input points to provide information to the system for determining the ultimate asset to policy assignment. First, the user can specify the relevant metrics for calculating the overall affinity score. Second, the user can specify the priority of these metrics with respect to weighting their relative importance in the summing or combinatorial operation that calculates the overall affinity score. Third, the user can set criteria levels for automatic assignment confirmation so that assets that have affinity scores above a particular percentage threshold (e.g., with 90% or greater similarity) are automatically assigned policy assignments, while others require confirmation.

In an embodiment, the asset metadata-driven policy assignment process is executed in a data backup system comprising a data protection engine for backing up data from user host systems. FIG. 8 is a block diagram showing components of an asset metadata processing component for protection policy assignment for use in a backup system, under some embodiments. For the example embodiment shown, system 800 may constitute or comprise at least part of component 120 in FIG. 1 . Corresponding to certain components that may be shown in FIG. 1 , system 800 includes one or more user host systems 802, each of which has installed a backup and recovery agent 804 for use with corresponding processes in data protection system 812. The host system 802 is coupled to data protection system 812 that includes a data protection engine 816 and a database 818 that contains certain data for the system, such as protection policies, and so on. Backup activities are scheduled and configured in the data protection system 812 and performed on the assets according to the one or more respectively assigned policies.

The components 814 of data protection system 812 include an asset discovery process 820 that discovers initial, new, or changed assets based through automatic or user-initiated operations, such as discovery jobs, and so on. As assets are discovered, they are processed by the affinity score (or percentage) calculator 822 and grouping or clustering module 824 for automatic or user-selected assignment to appropriate policy groups by the policy assignment module 826. As described above, certain notifications regarding asset assignments are sent to the user through the possible external messaging platforms 808 such as e-mail, short message service (SMS) messages, text alerts, Slack, and so on. User-provided information, such as assignment confirmations or direct policy assignments may be made through the UI service 828 interacting with client browser 810. The UI service 828 is used to host the system UI, and can be configured to handle certain specific UI and HTTP based APIs, such as: (1) dashboards, widgets, and other UI components needed to interact with the user through their client browser 810.

FIG. 8 illustrates an example system implementing an asset to policy assignment process and embodiments are not so limited. Other or additional processing components, user interface elements, and data storage/processing elements may also be used.

The asset metadata management process 120 and system 800 thus provides a dynamic and efficient method of optimally assigning policies to assets by analyzing asset metadata to identify common characteristics of assets and to use that data to assign or re-assign protection policies to new assets. It performs the main tasks of extracting asset metadata from new assets, using the extracted metadata to identify optimal policy assignments for those assets based on existing policy clusters, and prompting the user to confirm the defined policy assignments.

This metadata-driven approach of assigning assets to protection policies is significantly more powerful than the basic policy rule assignment methods of present systems, because using metadata allows a large number of variables to be considered and continuously updated as the system environment changes. In addition metadata policy associations are generally more accurate than those created from simplistic user defined policy rules, while providing the benefit of being done automatically with little or no user engagement.

Zero-Day Configuration

As stated above and as shown in FIG. 2 , data assets are backed up according assigned policies. Such policies can include policies that are defined during system deployment, such as by system administrators, users, and so on. In the case of a new deployment, existing policies may not exist. Such a condition is referred to as a ‘zero-day environment’ indicating a new or fresh system that has no or very limited existing or historical data. For such a case, the asset metadata management process 120 is extended to include certain zero-day operations. These include policies identified using certain anonymous information 123 or data that has been ‘anonymized’ that can be used to help set up a new system based on similarities with other existing systems.

As stated in the Background section, current network deployment methods require system administrators to spend significant time creating specific types of backup policies for different assets and fine-tuning these metrics for specific user needs. To simplify this process, embodiments enable a zero-day experience that simplifies assigning assets and generating policies in brand new user environments. These embodiments use the above-described methods of administrators creating a representative environment by configuring policies and adding devices to those policies. In these methods, assignments and recommendations for placement of newly discovered assets into an existing infrastructure simplifies maintenance based on similarities to items currently within those policy groups.

Embodiments extend this aspect by adding the use of a user's metadata (e.g., DUNS number and geolocation) to pull representative policy configurations and their representative asset signatures to allow quick initial population of those policies within the administrator's environment. Using this data and applying it to backup/recovery environment allows an administrator to instantly leverage industry standards to deploy a full backup/recovery infrastructure quickly and efficiently.

In an embodiment, the database 123 includes anonymized policies with limited accompanying asset metadata that users would opt into submitting and retrieving policy information from. Under such an embodiment, when a new company comes online it could pull policies from this library 123 based on asset metadata (e.g., keywords from asset names, asset size, asset type, etc.) and possibly other features like company characteristics (e.g., industry, size, etc.). If the new company is similar to another existing company, policies stored by that company may be used by the new company based on appropriate matching characteristics. This would alleviate the need for a company to create any policies or assign any assets manually.

FIG. 9 is a flowchart 900 that illustrates an overall method of populating a zero-day user environment, under some embodiments. As shown in FIG. 9 , a first step 902 is to collect metadata about the user, policies, and assets.

In general, there are inherent patterns in ways that companies setup and use backup/recovery software. For example, large online retailers have different behaviors in data backup and recovery as compared to healthcare facilities. For instance, online retailers may quantify outages of service in terms of thousands of dollars per minute and have very stringent Recovery Point Objectives (RPOs;) that dictate how much time they can afford to lose before recovery, and will prioritize backup policies that get them operational as quickly as possible after an event. On the other hand users like healthcare facilities may be more accepting of a slightly longer RPOs but want strict privacy settings on all sensitive (e.g., HIPAA) data. Along these lines, storage practices may differ based on geolocation, business priorities, regulations of that field, and so on. These differences often require a large initial time and resource investment on the part of the individual users to create policies representing their field and populating these policies with the appropriate assets.

In an embodiment, certain anonymized data is obtained from other users to add to a library of data that can be analyzed for certain patterns that help in quickly setting up new systems for a specific user. These three pieces include (A) customer metadata (e.g., DUNS data, geolocation information, etc.), (B) policy configurations, and (C) asset metadata within policies (i.e., a signature of what kind of assets are assigned to those policies). This anonymized data is uploaded to the policy library 123 along with other anonymized analytics that might typically be collected. FIG. 10 illustrates uploading user, policy, and asset metadata information to an anonymized policy database, under some embodiments. As shown in FIG. 10 , an anonymized analytics database 958, such as embodied in library 123, is populated by user metadata 952 from a number of other users in the form of DUNS and geolocation information, policy configurations 954 in the form of backup policies, and asset metadata within policies 956, in the form of asset signatures. In this manner, database 958 stores relevant data for a large number of other users that can be used to help select or define initial polices for a user of a new system (specific user).

With respect to the user metadata, 952, embodiments use high-level asset characteristics that are related to unique differences in policy and asset assignment. By taking asset metadata into account and associating it to corresponding policy recommendations, these relevant policies can be targeted to similar types of companies. For example, large U.S.-based retail companies would have much more in common regarding backup/recovery practices, as compared to a set of small European law offices. By tracking these unique bits of information about users, the corresponding policy recommendations could be targeted more accurately to similar situations in which they offer more value with less customization. To enable that capability, certain types of user metadata are captured, as illustrated in Table 1100 of FIG. 11 .

As shown in FIG. 11 , example metrics for user metadata include industry classifications of a company, such as the NAICS/SICS code, which is a numerical classification scheme that is commonly used. Geolocation information includes specific address, GPS, or geographic (latitude/longitude) data that locates the company so that appropriate government, regulatory, local practice, or other geo-specific policy configurations can be accommodated. Other example information items shown in Table 1100 include company size based on number of assets (e.g., large vs. small-scale), distribution of managed items (e.g., central versus distributed). It should be noted that FIG. 11 is provided as an example only and embodiments are not so limited. Any number and type of user information may be used depending on system configuration and constraints.

With respect to policy configurations 954 of FIG. 10 , policies are the foundation of backup and recovery systems as they dictate what data is backed up, how it is backed up (i.e., backup type: full, incremental, etc.), how often backups occur, and where the backups are stored. In configuring backup policies companies make business decisions about their acceptable costs, Recovery Time Objective (RTO), Recovery Point Objective (RPO), replication, etc., as well as take into account any legal requirements and standards. The creation of initial policies is often a highly complex and time-consuming process, often involving collaboration across multiple departments within a company (e.g., legal, IT, infrastructure, etc.).

As stated previously, there is presently no capability to take advantage of the abundance of information from existing and seasoned companies using current backup and recovery solutions. In an embodiment, the anonymized library 123 provides this knowledge bank of policies and allows the system 100 to leverage it to aid the setup process in new environments. This is done anonymously by taking certain policy configuration information and uploading it to a central analytics library of the system, so that a pattern of configurations could be obtained. Certain protection schemes may be implemented, such as unique information that should not be shared, would be queried to the new user upon initial setup (e.g., through credentials, etc.).

FIG. 12 is a table listing certain types of policy configurations for populating an anonymized policy database, under an example embodiment. Table 1200 of FIG. 12 shows certain metrics including policy name, asset type, backup method, backup frequency, backup location, and retention period, along with their respective example functions and operating parameters. It should be noted that FIG. 12 is provided as an example only and embodiments are not so limited. Any number and type of policy configuration information may be used depending on system configuration and constraints.

With respect to asset metadata within polices 956 of FIG. 10 , assets are assigned to each policy to generate an asset metadata signature. Looking at certain anonymous characteristics of assets assigned to policies in established environments, a metadata signature can be developed using techniques such as cluster analysis. This enables sharing this template of asset assignments to new environments in which the policies are imported. The anonymized characteristics are ‘anonymous’ in that they comprise non-personally identifiable information and data. In an embodiment, strictly non-PII (personally identifiable information) is used to prevent the system to be used to determine the identity of an individual to be directly or indirectly inferred including information that is linked or linkable to that individual. In addition, other information shall be removed so as not to identify the specific company of origin.

In an embodiment, the term ‘asset metadata’ means the metadata (e.g., FIG. 3 metadata) that is used in performing the cluster analysis.

In an embodiment, a cluster analysis process, as described above with respect to FIG. 4 is performed to assign assets policies based on similarity to other assets already assigned to specific backup policies. As shown in FIG. 4 , there are three policies that have been imported into an environment and their asset metadata signatures have divided the appropriate assets into each policy, i.e., clusters 402, 404, and 406. By using a matrix of asset metadata, certain nuanced distinguishing features can be used by to create useful groups of assets for backup purposes. Leveraging the statistical relationship of assets within policies allows a new environment to take advantage of work done by more established environments to quickly setup representative policy groups (e.g., finding that a ‘Production VMs’ policy is typically applied to VM's tagged production and a host of other unique identifiers). These values can be amended as more users adopt these general policies. As an example, if one user creates the base policy that is used as the base for another, and the original policy had a 31-day retention period and the new user changes that retention to 29 days, the new retention variable could be adjusted to 30 days to reflect average usage. Other mathematical formulas such as weighted average and filtering may be applied to the data to account for variations in data.

As shown in FIG. 9 , the second major step in process 900 is using the anonymized library to populate a zero-day environment, 904. In an embodiment, the process takes the user's metadata (e.g., DUNS number, geolocation, among others) to create an initial filter of applicable policies. The policies with the greatest match to the user's metadata will be used to propose an initial environment configuration, this configuration will include customized policies and asset assignments. If there are several proposed options the user can view the various options and select the one most in line with their business priorities. Thus, as shown in FIG. 9 , the process 900 proposes one or more initial environment configurations and allows the user to select the set of customized policies to implement for the new system, 906. Once selected the system will configure the environment, 908.

FIG. 13 illustrates the presentation of different policies selected from anonymized analytics, under some embodiments. As shown in diagram 1300, a company A (‘Acme’) is a US-based healthcare company that may benefit from policies implemented by other like companies, i.e., similarly sized healthcare companies in the US. Such correlation may be found through relevant DUNS information, or similar corporate data. As shown in FIG. 13 , Acme is presented with three separate options 1304 denoted Option A, Option B, and Option C. Each option comprises one or more different policies and the options are ranked according to a tradeoff of RTO versus cost. For the example of FIG. 13 , Option A includes five policies that are used by 32 companies in the healthcare and US-based large enterprise space and that has the lowest cost but highest RTO; Option B includes two policies used by 16 companies in the healthcare, mid-market US-based space with medium cost and low RTO; and Option C includes three policies used by 48 companies in the healthcare SMB US-based space with the highest cost but lowest RTO.

Dataset 1306 represents the assets and backup requirements (e.g., RTO, retention period) based on different asset metadata signatures for different clusters as exemplified in FIG. 4 . Thus, for this example, the clusters are End-User Backups, Lab SQL Systems, and Production VMs. As can be seen, each cluster has certain assets an certain RTO/retention requirements. Based on these characteristics, a user may select Option B as providing the best policies for a new company 1302 based on the similarity of user, policy, and asset metadata between the other companies (total number for all the options) and the new company 1302. The system determines which attributes the customer has in common with policies that have been uploaded, and performs a best match to finding companies in the same or similar industries (via the DUNS number) and within the same geolocation such as country. For the embodiment of FIG. 13 , the company metadata (e.g., DUNS, geolocation) is used to match up with or pull policy configurations 1304 derived from or stored in the anonymized analytics database 958. These policies can then be applied to the company to quickly set up its data protection processes.

In an embodiment, the groupings defined in FIG. 13 are created by repeatedly running Process 600, defined in FIG. 6 ; against the similar environments matched in process 904. The results from this are then grouped into the Options presented in FIG. 13 . As for matching the ideal policies, the process attempts to find the closest matches of the user metadata, such as by using cluster analysis. In a first step, use cluster analysis to find the closest matches in the anonymized analytics DB (e.g., top 3 matches), In a second step, for each company match, get the policy configurations with their associated anonymized asset metadata for the found company matches. In a third step, run process 600 against all of those to create the options of FIG. 13 .

In an embodiment, the user can access the presented policies through an interface that lists pre-defined policies and their relevant characteristics. In a further embodiment, an intelligent matching process can automatically select one or more policies matching user provided parameters to automatically implement a most closely matching policy, or to assign specific assets to one or more policies in the policy library. Alternatively, generic policies may be defined and provided as part of a policy package such as defined for certain industries, datasets, network configurations, protection requirements, and so on.

The zero-day configuration process provides users the benefit of adopting what other similar users have done before them with respect to data protection for certain asset types. By using existing user metadata to create representative policies and policy asset signatures, existing usage and designs can be leveraged by new users. A new company can immediately implement advanced backup/restore operations that take advantage of advanced industries configurations through an anonymized library. This library offers new users the benefit of previous experience and wisdom and allows users to rapidly deploy a fully configured solution on day zero.

Embodiments of the processes and techniques described above can be implemented on any appropriate backup system operating environment or file system, or network server system. Such embodiments may include other or alternative data structures or definitions as needed or appropriate.

The processes described herein may be implemented as computer programs executed in a computer or networked processing device and may be written in any appropriate language using any appropriate software routines. For purposes of illustration, certain programming examples are provided herein, but are not intended to limit any possible embodiments of their respective processes.

The network of FIG. 1 may comprise any number of individual client-server networks coupled over the Internet or similar large-scale network or portion thereof. Each node in the network(s) comprises a computing device capable of executing software code to perform the processing steps described herein. FIG. 14 shows a system block diagram of a computer system used to execute one or more software components of the present system described herein. The computer system 1005 includes a monitor 1011, keyboard 1017, and mass storage devices 1020. Computer system 1005 further includes subsystems such as central processor 1010, system memory 1015, I/O controller 1021, display adapter 1025, serial or universal serial bus (USB) port 1030, network interface 1035, and speaker 1040. The system may also be used with computer systems with additional or fewer subsystems. For example, a computer system could include more than one processor 1010 (i.e., a multiprocessor system) or a system may include a cache memory.

Arrows such as 1045 represent the system bus architecture of computer system 1005. However, these arrows are illustrative of any interconnection scheme serving to link the subsystems. For example, speaker 1040 could be connected to the other subsystems through a port or have an internal direct connection to central processor 1010. The processor may include multiple processors or a multicore processor, which may permit parallel processing of information. Computer system 1005 is just one example of a computer system suitable for use with the present system. Other configurations of subsystems suitable for use with the described embodiments will be readily apparent to one of ordinary skill in the art.

Computer software products may be written in any of various suitable programming languages. The computer software product may be an independent application with data input and data display modules. Alternatively, the computer software products may be classes that may be instantiated as distributed objects. The computer software products may also be component software.

An operating system for the system 1005 may be one of the Microsoft Windows®. family of systems (e.g., Windows Server), Linux, Mac OS X, IRIX32, or IRIX64. Other operating systems may be used. Microsoft Windows is a trademark of Microsoft Corporation.

The computer may be connected to a network and may interface to other computers using this network. The network may be an intranet, internet, or the Internet, among others. The network may be a wired network (e.g., using copper), telephone network, packet network, an optical network (e.g., using optical fiber), or a wireless network, or any combination of these. For example, data and other information may be passed between the computer and components (or steps) of the system using a wireless network using a protocol such as Wi-Fi (IEEE standards 802.11, 802.11a, 802.11b, 802.11e, 802.11g, 802.11i, 802.11n, 802.11ac, and 802.11ad, among other examples), near field communication (NFC), radio-frequency identification (RFID), mobile or cellular wireless. For example, signals from a computer may be transferred, at least in part, wirelessly to components or other computers.

In an embodiment, with a web browser executing on a computer workstation system, a user accesses a system on the World Wide Web (WWW) through a network such as the Internet. The web browser is used to download web pages or other content in various formats including HTML, XML, text, PDF, and postscript, and may be used to upload information to other parts of the system. The web browser may use uniform resource identifiers (URLs) to identify resources on the web and hypertext transfer protocol (HTTP) in transferring files on the web.

For the sake of clarity, the processes and methods herein have been illustrated with a specific flow, but it should be understood that other sequences may be possible and that some may be performed in parallel, without departing from the spirit of the described embodiments. Additionally, steps may be subdivided or combined. As disclosed herein, software written in accordance certain embodiments may be stored in some form of computer-readable medium, such as memory or CD-ROM, or transmitted over a network, and executed by a processor. More than one computer may be used, such as by using multiple computers in a parallel or load-sharing arrangement or distributing tasks across multiple computers such that, as a whole, they perform the functions of the components identified herein; i.e., they take the place of a single computer. Various functions described above may be performed by a single process or groups of processes, on a single computer or distributed over several computers. Processes may invoke other processes to handle certain tasks. A single storage device may be used, or several may be used to take the place of a single storage device.

Unless the context clearly requires otherwise, throughout the description and the claims, the words “comprise,” “comprising,” and the like are to be construed in an inclusive sense as opposed to an exclusive or exhaustive sense; that is to say, in a sense of “including, but not limited to.” Words using the singular or plural number also include the plural or singular number respectively. Additionally, the words “herein,” “hereunder,” “above,” “below,” and words of similar import refer to this application as a whole and not to any particular portions of this application. When the word “or” is used in reference to a list of two or more items, that word covers all of the following interpretations of the word: any of the items in the list, all of the items in the list and any combination of the items in the list.

All references cited herein are intended to be incorporated by reference. While one or more implementations have been described by way of example and in terms of the specific embodiments, it is to be understood that one or more implementations are not limited to the disclosed embodiments. To the contrary, it is intended to cover various modifications and similar arrangements as would be apparent to those skilled in the art. Therefore, the scope of the appended claims should be accorded the broadest interpretation so as to encompass all such modifications and similar arrangements. 

What is claimed is:
 1. A computer-implemented method of selecting data protection policies for a new system, comprising: collecting user, policy, and asset metadata for a plurality of other users storing data dictated by one or more protection policies, wherein the collected metadata is anonymized with respect to personal identifying information; storing the collected metadata in an anonymized analytics database; receiving specific user, policy and asset metadata for the new system from a specific user; and matching the received specific user metadata to the collected metadata to identify an optimum protection policy of the one or more protection policies based on the assets and protection requirements of the new system.
 2. The method of claim 1 further comprising configuring the new system with the identified optimum protection policy as an initial configuration of the new system.
 3. The method of claim 2 wherein the new system is a newly deployed computer network installed at day zero of a deployment period.
 4. The method of claim 1 wherein the collected user metadata comprises at least one of: a company type based on common industry classification, geolocation information of a user of the other users, a number of assets of each user of the other users; and a distribution of managed items of the other users.
 5. The method of claim 4 wherein the collected policy metadata comprises at least one of: a policy name, an asset type, a backup method, a backup frequency, a backup location, and a retention period.
 6. The method of claim 5 wherein the collected user and policy metrics comprise characteristics that define certain features of each asset relevant to a data backup or restore operation conducted by a respective other user data protection system, and wherein each metric is specified by a corresponding metadata element in each asset.
 7. The method of claim 1 wherein the asset metadata is derived using a cluster analysis process.
 8. The method of claim 7 further comprising, for each asset: defining a set of metrics characterizing each asset in the system; extracting metadata of the set of metrics from an asset to be assigned a protection policy; comparing each metric of the asset with corresponding metadata of a plurality of clusters each containing one or more other assets, wherein a unique protection policy is assigned to each cluster of the plurality of clusters to be applied to each asset within a respective cluster; determining an overall affinity score of the asset relative to each cluster; and automatically grouping the asset into a cluster with the highest overall affinity score.
 9. A computer-implemented method of assigning data assets of a new system to corresponding protection policies, comprising: extracting metadata for a plurality of metrics for each asset for a plurality of other users; comparing the metadata for each asset to corresponding metadata for each other asset; calculating an affinity percentage for each metric of the asset with the metrics of each other asset; determining an overall affinity percentage for the asset based on the calculated affinity percentage for each metric; and automatically grouping the data assets of the new system with clusters of other assets when the overall affinity percentage exceeds a defined threshold value.
 10. The method of claim 9 wherein the plurality of metrics each comprise an attribute that defines certain features of each asset relevant to a data storage or movement operation conducted by the data protection system, and wherein each metric is specified by a corresponding metadata element in the asset.
 11. The method of claim 10 wherein the grouping determines a protection policy to be applied to the grouped assets, and wherein a different protection policy is applied to each cluster of assets.
 12. The method of claim 9 wherein the metadata extracted for the plurality of other users comprises anonymized data having no personally identifying or identifiable information.
 13. The method of claim 12 further comprising storing the extracted metadata in an anonymized analytics database.
 14. The method of claim 12 wherein the extracted metadata comprises user metadata including at least one of: a company type based on common industry classification, geolocation information of a user of the other users, a number of assets of each user of the other users; and a distribution of managed items of the other users.
 15. The method of claim 14 wherein the extracted metadata includes policy metadata comprising at least one of: a policy name, an asset type, a backup method, a backup frequency, a backup location, and a retention period.
 16. A computer-implemented method of grouping assets for protection policy assignment based on asset metadata in a data protection system, comprising: grouping the assets into respective clusters based on a sufficiently high similarity of characteristics defined by metadata elements of the assets; assigning a unique protection policy to each cluster of grouped assets; storing asset metadata signatures for each asset in an anonymized analytics database; using the asset metadata signatures to identify one or more policies to apply to a specific user of a new computer system; and configuring the new system with the identified policy or policies as an initial configuration of the new system.
 17. The method of claim 16 wherein metadata elements encapsulate a plurality of metrics each comprising an attribute that defines certain features of each asset relevant to a data storage or movement operation conducted by the data protection system.
 18. The method of claim 17 wherein the metadata elements comprise user metadata including at least one of: a company type based on common industry classification, geolocation information of a user of the other users, a number of assets of each user of the other users; and a distribution of managed items of the other users.
 19. The method of claim 18 wherein the metadata elements comprise policy metadata including at least one of: a policy name, an asset type, a backup method, a backup frequency, a backup location, and a retention period.
 20. The method of claim 19 wherein the metadata elements comprise metadata extracted for the plurality of other users comprises anonymized data having no personally identifying or identifiable information. 